CVE-2009-4324 in OpenSuse and Suse Products
Published on December 15, 2009
Known Exploited Vulnerability
This Adobe Acrobat and Reader Use-After-Free Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file.
The following remediation steps are recommended / required by June 22, 2022: Apply updates per vendor instructions.
Vulnerability Analysis
CVE-2009-4324 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
What is a Dangling pointer Vulnerability?
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CVE-2009-4324 has been classified to as a Dangling pointer vulnerability or weakness.
Products Associated with CVE-2009-4324
You can be notified by stack.watch whenever vulnerabilities like CVE-2009-4324 are published in these products:
What versions are vulnerable to CVE-2009-4324?
Each of the following must match for the vulnerability to exist.
- OpenSuse Version 11.1
- OpenSuse Version 11.2
- Suse Linux Enterprise Debuginfo Version 11 -
- Suse Linux Enterprise Version 10.0 sp3
- Suse Linux Enterprise Version 10.0 sp2